package com.graduation.vaccine.controller.web;

import com.graduation.vaccine.mapper.UserMapper;
import com.graduation.vaccine.service.UserService;
import com.graduation.vaccine.vo.*;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @Author:CaiShuangLian
 * @FileName:
 * @Date:Created in  2022/4/29 23:54
 * @Version:
 * @Description:TODO
 */
@Api(tags = "web端——用户模块")
@RequestMapping("/web/user")
@RestController
public class WebUserController {

    @Autowired
    private UserService userService;
    @Autowired
    private UserMapper userMapper;

    @PostMapping("/personal/info")
    @ResponseBody
    @ApiOperation("个人中心——个人信息")
    public RespBean personalInfo(@RequestBody String ticket, HttpServletRequest request, HttpServletResponse response){
        if(ticket !=null && !ticket.isEmpty()){
            //根据cookie获取用户信息
            Long phone=userService.getUserByCookie(ticket,request,response).getUserPhone();
            UserVo userVo=userMapper.getUserAllInfoByPhone(String.valueOf(phone));
            if(null!=userVo){
                return RespBean.success(userVo);
            }
        }
        return RespBean.error(RespBeanEnum.ILLEGAL_OPERATION);
    }

    @PostMapping("/all")
    @ResponseBody
    @ApiOperation("组织用户获取本组织下的用户，系统管理员获取平台所有用户（系统管理员除外）")
    public RespBean getListByCompanyName(@RequestBody String ticket, HttpServletRequest request, HttpServletResponse response){
        if(ticket !=null && !ticket.isEmpty()){
            //根据cookie获取用户信息
            UserVo userVo=userService.getUserByCookie(ticket,request,response);
            if(null!=userVo){
                //判断权限
                String action=userVo.getAction();
                if(action.equals(ActionEnum.ORGANIZATION_MEMBER.getAction()) || action.equals(ActionEnum.ORGANIZATION_ADMINISTRATOR.getAction()) || action.equals(ActionEnum.SYSTEM_ADMINISTRATOR.getAction())){
                    String companyName=userVo.getCompanyName();
                    return userService.getListByCompanyName(companyName);
                }else {
                    return RespBean.error(RespBeanEnum.NO_OPERATION_PERMISSION);
                }
            }
        }
        return RespBean.error(RespBeanEnum.ILLEGAL_OPERATION);
    }

    @ApiOperation("联合查询平台所有成员")
    @ResponseBody
    @PostMapping("/union/query")
    public RespBean unionQuery(@RequestBody UnionQueryUserVo unionQueryUserVo, HttpServletRequest request, HttpServletResponse response){
        String ticket=unionQueryUserVo.getTicket();
        if(ticket!=null && !ticket.isEmpty()){
            //根据cookie获取用户信息
            UserVo userVo=userService.getUserByCookie(ticket,request,response);
            String action=userVo.getAction();
            if(action.equals(ActionEnum.SYSTEM_ADMINISTRATOR.getAction())){
                return userService.sysUnionQuery(unionQueryUserVo);
            }else if(action.equals(ActionEnum.ORGANIZATION_ADMINISTRATOR.getAction()) || action.equals(ActionEnum.ORGANIZATION_MEMBER.getAction())){
                unionQueryUserVo.setCompanyName(userVo.getCompanyName());
                return userService.orgUnionQuery(unionQueryUserVo);
            }
            return RespBean.error(RespBeanEnum.NO_OPERATION_PERMISSION,"非系统管理员，无法查看，检查是否登陆过期");
        }
        return RespBean.error(RespBeanEnum.ILLEGAL_OPERATION);
    }

    @ApiOperation("4:30:添加用户，同时分配权限，关联部门（部门下拉框）")
    @ResponseBody
    @PostMapping("/add")
    public RespBean addUserIntoCompany(@RequestBody RegisterUserVo registerUserVo, HttpServletRequest request, HttpServletResponse response){
        String ticket=registerUserVo.getTicket();
        if(ticket!=null && !ticket.isEmpty()){
            //根据cookie获取用户信息
            UserVo userVo=userService.getUserByCookie(ticket,request,response);
            if(userVo!=null ){
                //添加用户
                if(userVo.getAction().equals("system_administrator")||userVo.getAction().equals("organization_administrator")){
                    return userService.registerUser(registerUserVo);
                }
                return RespBean.error(RespBeanEnum.NO_OPERATION_PERMISSION);
            }
        }
        return RespBean.error(RespBeanEnum.ILLEGAL_OPERATION);
    }

    @ApiOperation("4.30-01：修改个人信息")
    @PostMapping("/update")
    @ResponseBody
    public RespBean updateInfo(@RequestBody UpdatePersonalInfo updatePersonalInfo, HttpServletRequest request, HttpServletResponse response){
        //获取cookie
        String ticket= updatePersonalInfo.getTicket();
        if(ticket !=null && !ticket.isEmpty()){
            //根据cookie获取用户信息
            UserVo userVo=userService.getUserByCookie(ticket,request,response);
            if(null!=userVo){
                //获取登录用户的手机号，根据手机号作修改
                Long phone=userVo.getUserPhone();
                updatePersonalInfo.setPhone(phone);
                if(phone!=updatePersonalInfo.getPhone()){
                    return RespBean.error(RespBeanEnum.NO_OPERATION_PERMISSION,"不可修改他人信息");
                }
                return userService.updateUserInfo(updatePersonalInfo);
            }
        }
        return RespBean.error(RespBeanEnum.ILLEGAL_OPERATION);
    }

    @ApiOperation("4/30—01：修改部门成员信息")
    @PostMapping("/org/update")
    @ResponseBody
    public RespBean updateOrgUser(@RequestBody UpdatePersonalInfo updatePersonalInfo,HttpServletRequest request, HttpServletResponse response){
        //获取cookie
        String ticket= updatePersonalInfo.getTicket();
        if(ticket !=null && !ticket.isEmpty()){
            //根据cookie获取用户信息
            UserVo userVo=userService.getUserByCookie(ticket,request,response);
            if(null!=userVo ){
                //获取登录用户的手机号，根据手机号作修改
                String action=userVo.getAction();
                if((action.equals("system_administrator")|| action.equals("organization_administrator"))){
                    //companyName非root时只能修改本部门的信息
                    return userService.updateUserInfo(updatePersonalInfo,userVo.getCompanyName());
                }
                return RespBean.error(RespBeanEnum.NO_OPERATION_PERMISSION,"无操作权限");
            }
        }
        return RespBean.error(RespBeanEnum.ILLEGAL_OPERATION,"未登录");
    }

    @ApiOperation("/注销用户")
    @PostMapping("/cancel")
    @ResponseBody
    public RespBean cancelUser(@RequestBody CancelUserVo cancelUserVo,HttpServletRequest request, HttpServletResponse response){
        String ticket=cancelUserVo.getTicket();
        if(ticket !=null && !ticket.isEmpty()){
            //根据cookie获取用户信息
            UserVo userVo=userService.getUserByCookie(ticket,request,response);
            if(null!=userVo ){
                //获取登录用户的手机号，根据手机号作修改
                String action=userVo.getAction();
                if((action.equals("system_administrator")|| action.equals("organization_administrator"))){
                    //companyName非root时只能修改本部门的信息
                    return userService.cancelUser(cancelUserVo.getPhone(),cancelUserVo.getStatus(),userVo.getCompanyName());
                }
                return RespBean.error(RespBeanEnum.NO_OPERATION_PERMISSION,"无操作权限");
            }
        }
        return RespBean.error(RespBeanEnum.ILLEGAL_OPERATION,"未登录");
    }


}
